Integrator.exe
- File Path:
C:\program files (x86)\Glary Utilities 5\Integrator.exe - Description: Glary Utilities 5
Screenshot
Hashes
| Type | Hash |
|---|---|
| MD5 | BD5EFF31291F2089276BC716FE9C958B |
| SHA1 | 18A04F29798C9206C418E8DFC990CC01D73E29C4 |
| SHA256 | EB991BF365EBE06DA3017F9BB7C1C2DBFD958C5A2D7F21F94AB8A2450CF7E259 |
| SHA384 | 4DB788261B0BDDE7A09AE608EA6F98FF37A212C0D9C625260EC87E7A7E6AC92E455BD667DE9022AC17A788957A09EFB2 |
| SHA512 | 4BEA0B3EEA402B63A1DAE05D1804E3602AD5B18D1F2500FB8B4537AB28B699EBD07EFF5B2A11E9062D3ABD8AE64AEEFF0D8550F223DE544C825987BFCC71BA3E |
| SSDEEP | 24576:lxEPkbOUmcBPkGVP1RjETfSwtTxuWvZwnnvqxc:lxEPkbIGVzGSwtTxuyGnvqm |
Runtime Data
Window Title:
Glary Utilities
Open Handles:
| Path | Type |
|---|---|
| (R-D) C:\Windows\Fonts\StaticCache.dat | File |
| (R-D) C:\Windows\System32\en-US\crypt32.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\KernelBase.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\mswsock.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\propsys.dll.mui | File |
| (R-D) C:\Windows\SysWOW64\en-US\user32.dll.mui | File |
| (RW-) C:\Program Files (x86)\Glary Utilities 5 | File |
| (RW-) C:\Users\user\Documents | File |
| (RW-) C:\Windows | File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9625_none_508ef7e4bcbbe589 | File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1_none_fd031af45b0106f2 | File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.450_none_4294d6e08a97344a | File |
| \BaseNamedObjects__ComCatalogCache__ | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro | Section |
| \BaseNamedObjects\F932B6C7-3A20-46A0-B8A0-8894AA421973 | Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 | Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 | Section |
| \BaseNamedObjects\windows_shell_global_counters | Section |
| \Sessions\1\BaseNamedObjects\UrlZonesSM_user | Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters | Section |
| \Sessions\1\BaseNamedObjects\windows_webcache_counters_{9B6AB5B3-91BC-4097-835C-EA2DEC95E9CC}_S-1-5-21-2047949552-857980807-821054962-504 | Section |
| \Sessions\1\Windows\Theme4048709601 | Section |
| \Windows\Theme603176458 | Section |
Loaded Modules:
| Path |
|---|
| C:\program files (x86)\Glary Utilities 5\Integrator.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
0F05AE21CDC17B9F3CF09D7BFC659BA3 - Thumbprint:
362EBB303E088105BDCC07D94E6B7875D30C0D06 - Issuer: CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=Glarysoft LTD, O=Glarysoft LTD, S=Beijing, C=CN
File Metadata
- Original Filename: Integrator.exe
- Product Name: Glary Utilities
- Company Name: Glarysoft Ltd
- File Version: 5, 149, 0, 175
- Product Version: 5, 0, 0, 0
- Language: English
- Legal Copyright: Copyright (c) 2003-2020 Glarysoft Ltd
File Similarity (ssdeep match)
| File | Score |
|---|---|
| C:\Program Files (x86)\Glary Utilities 5\Integrator.exe | 91 |
| C:\Program Files (x86)\Glary Utilities 5\Integrator.exe | 85 |
Possible Misuse
The following table contains possible examples of Integrator.exe being misused. While Integrator.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
| Source | Source File | Example | License |
|---|---|---|---|
| sigma | registry_event_asep_reg_keys_modification_common.yml | - 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' |
DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_currentversion.yml | - 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' |
DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_currentversion_nt.yml | - 'C:\Program Files\Microsoft Office\root\integration\integrator.exe' |
DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_currentversion_nt.yml | - 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' |
DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_wow6432node.yml | - 'C:\Program Files\Microsoft Office\root\integration\integrator.exe' |
DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_wow6432node.yml | - 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' |
DRL 1.0 |
| sigma | registry_event_office_vsto_persistence.yml | - '\integrator.exe' |
DRL 1.0 |
| sigma | registry_event_removal_com_hijacking_registry_key.yml | Image: 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' |
DRL 1.0 |
MIT License. Copyright (c) 2020-2021 Strontic.